DACL with static IP configuration

Hi,
I want to restrict client communication based on dACLs for some Endpoint-Groups with MAB. Most of the clients are configured with DHCP; for these clients everything is working fine. But there are also clients with static IP configuration, and here is the problem. ISE does not know the IP address of the statically configured client, so the 'source any' statement of the dACL cannot be replaced with the client IP.
How is it possible to let ISE learn the static addresses and get this working?
ISE is on v1.2, IOS on switch is on 15.02.SE1
Thanks, Florian

I am not very sure, but can you try this and check (instead of any any, just give your network address)
http://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_sw_cnfg.html
Define Local (Default) ACLs on the Switch
Enable these functions on older switches (with IOS releases earlier than 12.2(55)SE) to ensure Cisco ISE is able to perform the dynamic ACL updates required for authentication and authorization.
ip access-list extended ACL-ALLOW
  permit ip any any
ip access-list extended ACL-DEFAULT
  remark DHCP
  permit udp any eq bootpc any eq bootps
  remark DNS
  permit udp any any eq domain
  remark Ping
  permit icmp any any
  remark PXE / TFTP
  permit udp any any eq tftp
  remark Allow HTTP/S to ISE and WebAuth portal
  permit tcp any host <Cisco_ISE_IP_address> eq www
  permit tcp any host <Cisco_ISE_IP_address> eq 443
  permit tcp any host <Cisco_ISE_IP_address> eq 8443
  remark Drop all the rest
  deny   ip any any log
! The ACL to allow URL-redirection for WebAuth
ip access-list extended ACL-WEBAUTH-REDIRECT
  deny   ip any host <Cisco_ISE_IP_address>
  permit ip any any
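
To make the substitution described in the question concrete, here is a small model added to this page (it is not Cisco's code or the posters'): it parses simplified IOS extended ACEs, binds a dACL's `any` source to the IP known for a session's MAC, and evaluates packets first-match. The MAC-to-IP table, the addresses, the sample dACL and all function names are constructed for illustration; a MAC with no known IP, as with the statically configured clients, yields no bound ACL.

```python
import ipaddress

# Named ports that appear in the ACEs on this page.
PORTS = {"bootpc": 68, "bootps": 67, "domain": 53, "tftp": 69, "www": 80}


def _addr(tokens):
    """Consume 'any' or 'host A.B.C.D' from the front of the token list."""
    word = tokens.pop(0)
    if word == "any":
        return None  # None means "match every address"
    if word == "host":
        return ipaddress.ip_address(tokens.pop(0))
    raise ValueError(f"unsupported address spec: {word}")


def _port(tokens):
    """Consume an optional 'eq <port>' qualifier."""
    if tokens and tokens[0] == "eq":
        tokens.pop(0)
        name = tokens.pop(0)
        return PORTS[name] if name in PORTS else int(name)
    return None


def parse_ace(line):
    """Parse 'permit|deny proto src [eq p] dst [eq p] [log]' into a dict."""
    tokens = line.split()
    action = tokens.pop(0)
    if action not in ("permit", "deny"):
        raise ValueError(f"not an ACE: {line!r}")
    ace = {"action": action, "proto": tokens.pop(0)}
    ace["src"], ace["sport"] = _addr(tokens), _port(tokens)
    ace["dst"], ace["dport"] = _addr(tokens), _port(tokens)
    return ace  # a trailing 'log' keyword is ignored by this model


def bind_dacl(lines, mac, learned_ips):
    """Replace source 'any' with the IP known for this MAC.

    Returns None when no IP is known for the MAC: there is nothing to
    substitute, which is the static-IP situation described in the question.
    """
    ip = learned_ips.get(mac)
    if ip is None:
        return None
    bound = []
    for line in lines:
        ace = parse_ace(line)
        if ace["src"] is None:
            ace["src"] = ipaddress.ip_address(ip)
        bound.append(ace)
    return bound


def evaluate(aces, proto, src, dst, dport=None, sport=None):
    """First-match evaluation; an extended ACL ends in an implicit deny."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for ace in aces:
        if ace["proto"] not in ("ip", proto):
            continue
        if ace["src"] is not None and ace["src"] != src:
            continue
        if ace["dst"] is not None and ace["dst"] != dst:
            continue
        if ace["sport"] is not None and ace["sport"] != sport:
            continue
        if ace["dport"] is not None and ace["dport"] != dport:
            continue
        return ace["action"]
    return "deny"


# Constructed sample data (documentation address ranges, made-up MACs).
DACL = [
    "permit udp any any eq domain",
    "permit tcp any host 192.0.2.10 eq 443",
    "deny ip any any",
]
LEARNED = {"0011.2233.4455": "198.51.100.20"}  # DHCP client with a known IP
STATIC_MAC = "0011.2233.4466"                  # static client, no entry

if __name__ == "__main__":
    bound = bind_dacl(DACL, "0011.2233.4455", LEARNED)
    # The session's own address is permitted; another source is not.
    print(evaluate(bound, "tcp", "198.51.100.20", "192.0.2.10", dport=443))
    print(evaluate(bound, "tcp", "198.51.100.99", "192.0.2.10", dport=443))
    # No learned IP for the static client: no per-session ACL can be built.
    print(bind_dacl(DACL, STATIC_MAC, LEARNED))
    # Left unbound, 'any' matches every source address behind the port.
    unbound = [parse_ace(line) for line in DACL]
    print(evaluate(unbound, "tcp", "198.51.100.99", "192.0.2.10", dport=443))
```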

Similar Messages

  • 2008 r2 hyper-v guest with static IP always loses network connectivity after every restart - no problem with DHCP

    Hello,
    We are running 2008 R2 domain with one physical DC and other running in VM on Hyper-V host (2008 R2 Standard). The host has 4 NICs and is configured to use one physical NIC for itself (management) and the hyper-v guest is configured to use another dedicated/physical
    NIC (through microsoft virtual switch) just for itself.
    I noticed that after setting the hyper-v guest with a static IP address all works fine only until guest restart. When the guest boots up the IP address is still configured correctly in IPv4 properties, but there is no network connectivity at all and in fact
    the guest shows running APIPA config in ipconfig /all output. That situation continues until I remove the virtual NIC from hyper-v guest, remove the virtual switch from dedicated NIC on host and then reconfigure it (using same settings as they were). very
    annoying.
    For time being I switched the virtual DC (problematic hyper-v guest) to a DHCP IP and configured DHCP server (running on physical DC machine, not on hyper-v host) to store a reservation for the hyper-v guest so it always gets the same "static"
    IP configuration.
    Is there some kind of a problem/bug with using static IP on (2008 R2) hyper-v guests? is there a hotfix for static IP config in hyper-v guest environment?
    both 2008 R2 OSes (host and guest) are up to date with all updates (synced with Microsoft, not WSUS).

    OK, I'm not at the office now, but took my time to test out the restart scenarios on problematic virtual guest remotely.
    No dice, same as it was, everything works fine after guest has IP configured in DHCP mode (IP reservation of 192.168.1.5 for specific MAC address) and it doesn't work after restart in static IP mode (same address, works before restart of guest).
    I also took "arp -a" outputs at each step from host server and that was always saying there is only a single host (192.168.1.5 = VDC = problematic virtual guest) assigned to that IP address and always with same MAC, so that pretty much rules out
    ARP/MAC troubles and no issues with switches/routers getting spoofed. Problem is most likely with the virtual guest (WS2008R2) or within the host running same OS.
    Here are outputs:
    A) VDC has IP configured in DHCP mode - always same, survives through restart (all works)
    Ethernet adapter Local Area Connection:
    Connection-specific DNS Suffix . : CD.lan
    Description . . . . . . . . . . . : Microsoft Virtual Machine Bus Network Adapter
    Physical Address. . . . . . . . . : 00-15-5D-01-D3-00
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    Link-local IPv6 Address . . . . . : fe80::b9af:6679:3142:8799%13(Preferred)
    IPv4 Address. . . . . . . . . . . : 192.168.1.5(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Lease Obtained. . . . . . . . . . : Thursday, January 30, 2014 5:34:48 PM
    Lease Expires . . . . . . . . . . : Friday, February 07, 2014 5:35:26 PM
    Default Gateway . . . . . . . . . : 192.168.1.254
    DHCP Server . . . . . . . . . . . : 192.168.4.5
    DHCPv6 IAID . . . . . . . . . . . : 268440925
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-6F-5F-C2-00-15-5D-01-D3-00
    DNS Servers . . . . . . . . . . . : 192.168.1.5
    192.168.4.5
    NetBIOS over Tcpip. . . . . . . . : Enabled
    ARP -a output from host server at that time:
    Interface: 192.168.1.4 --- 0xc
    Internet Address Physical Address Type
    192.168.1.5 00-15-5d-01-d3-00 dynamic
    B) VDC has IP configured in static mode - BEFORE RESTART (all works)
    Ethernet adapter Local Area Connection:
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft Virtual Machine Bus Network Adapter
    Physical Address. . . . . . . . . : 00-15-5D-01-D3-00
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    Link-local IPv6 Address . . . . . : fe80::b9af:6679:3142:8799%13(Preferred)
    IPv4 Address. . . . . . . . . . . : 192.168.1.5(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.1.254
    DHCPv6 IAID . . . . . . . . . . . : 268440925
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-6F-5F-C2-00-15-5D-01-D3-00
    DNS Servers . . . . . . . . . . . : 192.168.1.5
    192.168.4.5
    NetBIOS over Tcpip. . . . . . . . : Enabled
    ARP -a output from host server at that time:
    Interface: 192.168.1.4 --- 0xc
    Internet Address Physical Address Type
    192.168.1.5 00-15-5d-01-d3-00 dynamic
    C) VDC has the same IP configured in static mode - AFTER RESTART (no more network connectivity at all, LAN in Public zone)
    Windows IP Configuration
    Host Name . . . . . . . . . . . . : VDC
    Primary Dns Suffix . . . . . . . : CD.lan
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : CD.lan
    Ethernet adapter Local Area Connection:
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft Virtual Machine Bus Network Adapter
    Physical Address. . . . . . . . . : 00-15-5D-01-D3-00
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    Link-local IPv6 Address . . . . . : fe80::b9af:6679:3142:8799%13(Preferred)
    Autoconfiguration IPv4 Address. . : 169.254.135.153(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.0.0
    Default Gateway . . . . . . . . . : 192.168.1.254
    DHCPv6 IAID . . . . . . . . . . . : 268440925
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-6F-5F-C2-00-15-5D-01-D3-00
    DNS Servers . . . . . . . . . . . : 192.168.1.5
    192.168.4.5
    NetBIOS over Tcpip. . . . . . . . : Enabled
    ARP -a output from host server at that time:
    Interface: 192.168.1.4 --- 0xc
    Internet Address Physical Address Type
    192.168.1.5 00-15-5d-01-d3-00 dynamic
    Throughout the testing, the hyper-v host IP configuration and IPconfig output was always staying same.
    The Network Connection #2 is the only one the host uses (not shared with hyper-v guests).
    The Network Connection #4 is assigned to Microsoft Virtual Switch hence why it doesn't show up in results, like below:
    Windows IP Configuration
    Host Name . . . . . . . . . . . . : HYPER-V
    Primary Dns Suffix . . . . . . . : CD.lan
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : CD.lan
    Ethernet adapter Local Area Connection 3:
    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : HP Ethernet 1Gb 4-port 331i Adapter #3
    Physical Address. . . . . . . . . : 9C-8E-99-52-15-91
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    Ethernet adapter Local Area Connection 2:
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : HP Ethernet 1Gb 4-port 331i Adapter #2
    Physical Address. . . . . . . . . : 9C-8E-99-52-15-90
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    Link-local IPv6 Address . . . . . : fe80::dc78:8a3b:38a5:7af3%12(Preferred)
    IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.1.254
    DHCPv6 IAID . . . . . . . . . . . : 312250009
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-67-52-8F-9C-8E-99-52-15-93
    DNS Servers . . . . . . . . . . . : 192.168.4.5
    192.168.1.5
    NetBIOS over Tcpip. . . . . . . . : Enabled
    Ethernet adapter Local Area Connection:
    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : HP Ethernet 1Gb 4-port 331i Adapter
    Physical Address. . . . . . . . . : 9C-8E-99-52-15-93
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    On Monday I will install more test guests in Hyper-V host (WS2008R2), in variety of flavors like 7x64, 8.1x64, ws2012r2, and see if they show similar problems with static IP configuration when utilizing a dedicated NIC from host server.
    Don't get me wrong, I can live with virtual DC running on DHCP IP reservation (which is based on MAC), because the virtual DC pretty much requires a physical PDC (hosting also DHCP in my network) to be present for safety reasons ... however I prefer a static
    IP configuration on all servers, hence my question and surprise why it doesn't work.

  • No Internet Access while Apps configure with Static IP - How to resolve?

    Dear Legends,
    I have installed a development instance which my configuration as follows:
    OS - Oracle Enterprise Linux 5.7 64 bit
    Instance - R12.1.3
    HDD - 500 GB
    RAM - 8GB
    IP - static - 192.168.1.10
    Subnet mask - 255.255.255.0
    Gateway - 192.168.1.1 --> router ip
    I need to set up a static IP only, but if I set up a static IP I am able to access the instance but there is no internet access, so that if I need to do any automation work like cron and sendmail, it is not working. How do I resolve this?
    1. I tried to setup a static ip configuration as editing the /etc/hosts and entry as
    192.168.1.10 hostname alias
    2. edited the resolv.conf for adding a nameserver as follows
    search hostname
    nameserver primary dns
    nameserver secondary dns
    but these entries are not available when i issue a service network restart
    3. Edited /etc/sysconfig/network-scripts/ifcfg-eth0
    # Realtek Semiconductor Co., Ltd. RTL8111/8168B PCI Express Gigabit Ethernet controller
    DEVICE=eth0
    BOOTPROTO=none --> even i have changed this to STATIC/none but no change
    HWADDR=B8:88:E3:30:1A:ED
    ONBOOT=yes
    TYPE=Ethernet
    USERCTL=no
    IPV6INIT=no
    PEERDNS=yes
    HOSTNAME=devl.rel.net
    IPADDR=192.168.1.10
    NETMASK=255.255.255.0
    GATEWAY=192.168.1.1
    Since i'm trying to update my old threads if it is similar to this but i dont find any old threads, please kindly request you to provide your valuable suggestions.
    Regards,
    Karthik Singh

    karthiksingh_dba wrote:
    Hi Hussein,
    As per your request I am continuing this thread in the following link HOW TO ACCESS MY VISION INSTANCE GLOBALLY? is it correct?
    Regards,
    Karthik Singh

    Yes.
    Thanks,
    Hussein

  • Trying to install WSUS role on Windows Server 2012 R2 using dedicated SQL Instance with static port on remote SQL Server 2012 SP1 CU7 on Windows Server 2012 R2.

    I am trying to install WSUS role on Windows Server 2012 R2 using dedicated SQL Instance with static port on remote SQL Server 2012 SP1 CU7 on Windows Server 2012 R2.
    It verifies the connection and then throws the error:
    The request to add or remove features on the specified server failed. The operation cannot be completed, because the server you specified requires a restart.
    WSUS Server : Windows Server 2012 R2
    Remote SQL Server: 2012 SP1 CU7 hosted on Windows Server 2012 R2
    Please let me know if anyone has experienced this issue.

    We were trying to install WSUS role on Windows Server 2012 R2 using dedicated SQL Instance with static port on remote SQL Server 2012 SP1 CU7 on Windows Server 2012 R2.
    It verifies the connection and then throws the error:
    The request to add or remove features on the specified server failed. The operation cannot be completed, because the server you specified requires a restart.
    Same error even after rebooting the server multiple times.
    WSUS Server : Windows Server Standard2012 R2
    Remote SQL Server: Windows Server 2012 SP1 CU7 hosted on Windows Server 2012 R2
    Event ID 7000:
    The Windows Internal Database service failed to start due to the following error:
    The service did not start due to a logon failure.
    Event ID 7041
    The MSSQL$MICROSOFT##WID service was unable to log on as NT SERVICE\MSSQL$MICROSOFT##WID with the currently configured password due to the following error:
    Logon failure: the user has not been granted the requested logon type at this computer.
    Service: MSSQL$MICROSOFT##WID
    Domain and account: NT SERVICE\MSSQL$MICROSOFT##WID
    This service account does not have the required user right "Log on as a service."
    User Action
    Assign "Log on as a service" to the service account on this computer. You can use Local Security Settings (Secpol.msc) to do this. If this computer is a node in a cluster, check that this user
    right is assigned to the Cluster service account on all nodes in the cluster.
    If you have already assigned this user right to the service account, and the user right appears to be removed, check with your domain administrator to find out if a Group Policy object associated
    with this node might be removing the right.
    I found following article:
    "MSSQL$MICROSOFT##WID service was unable to log on as NT SERVICE\MSSQL$MICROSOFT##WID" error when you install WID in Windows Server 2012
    http://support.microsoft.com/kb/2832204/en-us
    To work around the issue, use one of the following methods:
    Assign the Log on as a service user right to NT SERVICE\ALL SERVICES in the GPO that defines the user right.
    Exclude the computer from the GPO that defines the user right.
    We moved the SCCM server to OU where no policies were getting applied and then applied the new GPO to that OU. Restarted the server and we were able to install WSUS role.
    Regards
    PR

  • How to use both wired and wireless connection with static addresses

    Now that I have setup my home network with static addresses (router, mini1, mini2 and PC) in the way I want, (big thanks to BDAqua http://discussions.apple.com/thread.jspa?threadID=1271635&tstart=0) I would like to understand some more advanced network concepts.
    I would like to change the network so that I use both the wireless connection and the built-in ethernet connection at the same time in my Mac mini1. I would like to connect my PC to my Mac mini by using the wired ethernet connection so that I reach the Internet from my PC as well. I would also like to be in control of all the addresses therefore I want to assign the addresses manually.
    The question: What addresses should I use between mini1 and PC? Should I use the same wireless address space as I already use between the wireless router and the other computers (router: 192.168.1.1, mini1: 192.168.1.101, mini2: 192.168.1.103) or should I use something totally different like 10.X.X.X? What should I put in ethernet connection "Router"-field, the same as in Airport (192.168.1.1)? What about DNS, same as in Airport?

    If I understand this correctly, you wish your Mini to perform Internet Sharing for your PC, correct!?
    If so you'll pretty much have to let the Mini handle DHCP & NAT on the Ethernet port. You also want to be sure Airport is dragged to the top of Network>Show:>Network Port Configurations, that's what position the Mini will use 1st for Internet itself.
    On the Mini turn on both Web Sharing & Internet Sharing. The PC once connected will have the Mini's Ethernet IP as its Gateway addy.

  • Static Policy NAT in VPN conflicts with Static NAT

    I have a situation where I need to create a site-to-site VPN between an ASA 5505 using IOS 7.2 and a Sonicwall NSA4500. The problem arises in that the LAN behind the Cisco ASA has the same subnet as a currently existing VPN created on the Sonicwall. Since the Sonicwall can't have two VPNs both going to the same subnet, the solution is to use policy NAT on the ASA so that to the Sonicwall, the new VPN appears to have a different subnet.
    The current subnet behind the ASA is 192.168.10.0/24 (The Sonicwall already has a VPN created to a different client with that same subnet). I am trying to translate that to 192.168.24.0/24. The peer LAN (behind the Sonicwall) is 10.159.0.0/24. The pertinent configuration of the ASA is:
    interface Vlan1
    ip address 192.168.10.1 255.255.255.0
    access-list outside_1_cryptomap extended permit ip 192.168.24.0 255.255.255.0 10.159.0.0 255.255.255.0
    access-list VPN extended permit ip 192.168.10.0 255.255.255.0 10.159.0.0 255.255.255.0
    static (inside,outside) 192.168.24.0 access-list VPN
    crypto map outside_map 1 match address outside_1_cryptomap
    In addition to this, there are other static NAT statements and their associated ACLs that allow certain traffic through the firewall to the server, e.g.:
    static (inside,outside) tcp interface smtp SERVER smtp netmask 255.255.255.255
    The problem is this: When I enter the static policy NAT statement, I get the message "Warning: real-address conflict with existing static" and then it refers to each of the static NAT statements that translate the outside address to the server. I thought about this, and it seemed to me that the problem was that the policy NAT statement needed to be the first NAT statement (it is last) so that it would be handled first and all traffic destined for the VPN tunnel to the Sonicwall (destination 10.159.0.0/24) would be correctly handled. If I left it as the last statement, then the other static NAT statements would prevent some traffic destined for the 10.159.0.0/24 network from being correctly routed through the VPN.
    So I tried first to move my policy NAT statement up in the ASDM GUI. However, moving that statement was not permitted. Then I tried deleting the five static NAT statements that point to the server (one example is above) and then recreating them, hoping that would then move the policy NAT statement to the top. This also failed.
    What am I missing?

    Hi,
    To be honest it should work in the way I mentioned. I am not sure why it would change the order of the NAT configurations. I have run into this situation on some ASA firewalls running the older software (older than 8.2) and the reordering of the configurations has always worked.
    So I am not sure are we looking at some bug or what the problem is.
    I was wondering if one solution would be to configure all of the Static NAT / Static PAT as Static Policy NAT/PAT
    I have gotten a bit rusty on the older (8.2 and older) NAT configuration format as over 90% of our customer firewalls are running 8.3+ software.
    I was thinking of this kind of "static" configuration for the existing Static PAT configurations if you want to try
    access-list STATICPAT-SMTP permit tcp host eq smtp any
    static (inside,outside) tcp interface smtp access-list STATICPAT-SMTP
    access-list STATICPAT-HTTPS permit tcp host eq https any
    static (inside,outside) tcp interface https access-list STATICPAT-HTTPS
    access-list STATICPAT-RDP permit tcp host eq 3389 any
    static (inside,outside) tcp interface 3389 access-list STATICPAT-RDP
    access-list STATICPAT-TCP4125 permit tcp host eq 4125 any
    static (inside,outside) tcp interface 4125 access-list STATICPAT-TCP4125
    access-list STATICPAT-POP3 permit tcp host eq pop3 any
    static (inside,outside) tcp interface pop3 access-list STATICPAT-POP3
    Naturally you would add the Static Policy NAT for the VPN first.
    Again I have to say that I am not 100% sure if this is the correct format; maybe you can test it with a single service that has a Static PAT. For example the Static PAT for RDP (TCP/3389). First entering the Static Policy NAT then removing the Static PAT and then entering the Static Policy PAT.
    Remember that you should be able to test the translations with the "packet-tracer" command
    For example
    packet-tracer input outside tcp 1.1.1.1 12345
    - Jouni

  • Deploying Template with static IP pool failed

    Hi,
    I've got a cluster with two nodes on Win2012r2. It has been added, already configured, in SCVMM2012r2. I did however configure the VM Network through Logical Switches.
    1 - Logical Networks : ProdVMNET, with one site, GVEProdVMNet, where my hosts are and the Production vLAN 3108, subnet 172.31.8.0/24 :
    2 - IP Pool linked with my Logical Switch and configured in the same subnet (172.31.8.x/24) :
    3 - I've a port profile Uplink, ProdDynamicTeam, for creating the team dedicated to VM Network traffic on host.
    4 - This Uplink is bound to my logical Switch, tVMNet

    5 - Finally, I added the Logical Switch on both my hosts :
    Everything seems to be working fine and I made my first VM.
    I then created a template with it and tried to deploy it, with Static IP (From a static IP Pool) :
    Unfortunately, when my VM starts, my host gets an APIPA...
    Any idea why ?
    Did I miss anything ?
    Thanks,

  • Cisco Touch loses static IP configuration

    I have a Cisco Touch that keeps losing the static IP configuration randomly and then displays a message to configure the manual IP settings, once this is done the system connects with the SX20 no problem.
    This happens once a day. 

    What version of software are you running on the SX20?  There were some improvements with regards to Static IP addresses and the Touch in one of the more recent version (TC7.1.0 from memory) - the latest being TC7.2.0.
    If you have an active service contract on your device you should be able to download the updated software from the Cisco web site.
    If you don't have a service contract, contact the TAC, and reference one of the recent security advisories (ie http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl) to get a "free" upgrade to TC7.x as per the "customers without service contracts" section.
    Wayne

  • Serve up Static Content - configuration?

    Hello!
    How can I configure WEB AS to serve up static files from an external folder? Is there a configuration in WEB AS to map a context to an external folder with static files?
    Thanks
    /Ray

    Hi Ray,
    Eddy's reply refers to setting the option on the ICM. In case you don't use the ICM, but just the Web AS Java, you can do that using the HTTP Provider Service. You can either create a virtual host (this is the term on Web AS Java for virtual directory) and set your external directory with static content as its root directory. You can refer to the documentation (http://help.sap.com/saphelp_nw04/helpdata/en/0b/fbf5a47928f84e8d0beba8371508e6/frameset.htm) for details about the configuration procedure.
    Regards,
    Ivo

  • Connect AE to motorola cable modem with static IP

    I'm trying to replace the wireless modem supplied by the cable company with my AE/time capsule. This involves using a static IP.
    I've gone through all the various stages using the information from the ISP but when I try to save the settings on the airport it gives the error message "IP address not compatible with WAN setup" and just won't let me go further.
    I am stumped.
    The AE has been reset to factory settings. I am using the router address supplied by the ISP - is this wrong? If I don't use static IP I don't get the problem, but I also don't get a connection, obviously, so I'm assuming the issue is somehow linked to the static issue.
    The cable modem is a motorola so lord knows what other problems I will have but for now I just want to at least get the configuration right in principle.
    What am I doing wrong?
    Please bear in mind, I have a brain but I am NOT a techie. I have had the TC working with a cable modem before (but not static IP), and had a working AE with static IP on an ethernet connection both without much problem, so this has me cross and confused.
    Halp?

    Power down the Motorola SB5101 cable modem. Unplug your Netcomm wireless router and set it aside. "Hard reset" your Extreme by following the instructions below, and connect its Ethernet WAN port to the cable modem. Don't try to reconfigure the Extreme from its present settings; "hard reset" it and start from the beginning.
    Power up both the cable modem and the Extreme, launch AirPort Utility, select "New AirPort Extreme..." from your Mac's Wi-Fi menu, and proceed to configure it. After clicking Update, wait a moment or two to reset, then connect to the wireless network you just created by selecting it in your Mac's Wi-Fi menu.
    There should be no need to use a static IP address. If you have reason for requiring one explain what it is, but you will require information from your ISP.
    It's not clear whether you have an AirPort Extreme, a Time Capsule, or both. If you have both then that also needs clarification.
    To "hard reset" an AirPort Base Station: make sure it's powered up, then press and hold its tiny reset button and keep it depressed for five to ten seconds, long enough for its LED to flash amber rapidly. Release the reset button. Then, the LED will glow amber steadily for about a minute. Then, it will flash amber, slowly, about once every second or two, waiting for you to configure it with AirPort Utility.

  • Problem iPhone WiFi Connection to Airport Express with static IP addresses

    We have our Airport Express configured on the LAN with a fixed IP. It is not distributing IP addresses, or providing DHCP services; it simply links the WiFi to the LAN.
    To connect via WiFi you set a static IP for the wireless device and enter all IP information by hand (IP/Router/Mask/DHCP etc). Laptops can connect fine, and use the network.
    The iPhone connects to the wireless network ok (we tried with security on and off), however, it seems to be unable to successfully use the network. Any attempt to browse a web page using a numeric IP address, or regular IP address, fails.
    Has anyone successfully used the iPhone on a WiFi network with static IP addresses, and a Wireless access point that also uses a static IP address?

    The problem with static IP on iPhone was caused by the IP address being blocked by over-zealous network manager...

  • Set Up Airport Extreme with Static IPs and DHCP same time

    I have Verizon Fios to my Business with 5 Static IP Addresses. One of them must be assigned to the Airport Extreme Base Station. I have 5 iMacs needing internet connection of which 2 need to use a static ip (Filemaker Server and my Mac OS X Web Server). I also use 2 iPhones with a custom App accessing that FileMaker Server via the internet too. I want to set up my Airport Extreme Base Station to have those 2 iMacs connected with static ips, which must NEVER CHANGE, via an ethernet cable and all the rest wireless with WiFi. Due to the size of my building I also want another Airport Extreme or Express to just expand the range from the Base Station for the wireless connections only. Looking at the Airport Internet Settings I only see 3 options for Connection Sharing, "Share A Public IP Address", "Distribute a range of IP addresses", "Off (Bridge Mode)". I'm thinking I need to give 1 IP Address to the Base Station, 2 ip addresses to my servers, then 1 ip address to share for my wireless DHCP connections. The additional Airport set to Off (Bridge Mode) to expand the base station. Please advise on how I would set up that base station to do this.

    With respect to expanding the base station's range, in the Base station's Wireless Settings I would click to select "Allow this network to be extended". Then what settings would I need in the Additional Airport?
    Note: Both AirPorts would have to be 802.11n models in order for this to work. The additional AirPort would need to be configured to extend the Extreme. (ref: AirPort Utility > Manual Setup > AirPort > Wireless > Wireless Mode = Extend a wireless network)
    Would that NEED to be connected to the base station via ethernet cable or will it pick up the base station wirelessly?
    Using the "extend" feature is intended to expand the wireless range of an AirPort with another wirelessly. You would not need to connect them by Ethernet. In this configuration, the additional AirPort would be in bridge mode and will pass through the IP information from the other base station's DHCP service.

  • DHCP Lease process with static clients

    Hi ,
    I have a question regarding DHCP .
    Let us assume that DHCP server has been configured with ip address pool,  say for ex: 192.168.1.2 to 192.168.2.254.
    Now  assume that in the LAN network we have 3 clients which have got the  DHCP addresses from the above pool say from 192.168.1.2 to 192.168.1.4.
    Now  I will add one more client with static ip address from the above pool say IP: 192.168.1.5.
    Now if I add one more DHCP client in the above LAN network, will the DHCP server come to know that a static client with IP address 192.168.1.5 already exists? And for the newly added client, will it give the same static IP address 192.168.1.5 or will it give the next available IP address?
    Basically I want to understand that whether DHCP server will have idea of static clients?

    Hi,
    you can do this creating more than one dhcp server on your router, and you can provide the IP address from the different dhcp servers through assigning ip address from the blog to the specific interface in the router.
    Regarding the static IP address that has been assigned to a host in your network, the DHCP server tries to lease the same IP address to other hosts in the network, but once it has detected that this IP address is conflicted the DHCP server removes this IP address and assigns the next IP to the host.
    Please let me know if this is not clear.
    regards,

  • (EA4500). With static IP assigned, how to tell if devices are connected?

    I've assigned static IPs to all of my network devices.
    Logging onto the router, there does not appear to be any way to tell whether any device is connected or not.  Is this normal?

    Static IP assignments are only done on the device itself. You switch the device from DHCP to static IP and configure everything on the device itself.
    DHCP reservation is not a static IP assignment. It's telling the DHCP server to assign a specific IP address to a specific device. The device still runs on DHCP and cannot tell whether the IP address received is the IP address reserved or not. That's something entirely different and not to be confused with static IP.
    Linksys routers never showed a complete list of connected devices. As mentioned before, you can only see the list of wireless devices associated. You won't see wired devices with static IP nor DHCP reservation and even the DHCP client list is often incomplete...

  • Express and extreme both "n" with static vs dhcp reservations.

    Good day, and thanks for reading.
    I have an express that I have configured to "extend my wireless network" with my extreme. This is all set up manually, with no internet connection needed. Everything is static and I am just using the wireless and switch of the routers.
    I have 4 electronic components that have static IP addresses _and_ I have added the mac addresses to the DHCP reservation list as well.
    I would prefer to leave everything with just the manual addresses in mac access control; however, the apple log does not show the connections for these components with static addresses. They do, however, show up on the log as connected in the DHCP client log when I am using DHCP only.
    My questions are;
    1. Does it hurt performance on the routers to have the mac addresses filled in on both the DHCP reservation list, and the mac address control list?
    2. Do I need to have all the mac addresses for my connected components on both the extreme and the express or, can I just have them inserted on the extreme- and are there any conflicts that can arise with having them coded on both routers?
    I just want to be able to see the connections on the log, and currently it will only show them if I am using DHCP.
    Thank you.

    Hello chrisinoswego. Welcome to the Apple Discussions!
    1. Does it hurt performance on the routers to have the mac addresses filled in on both the DHCP reservation list, and the mac address control list?
    No.
    2. Do I need to have all the mac addresses for my connected components on both the extreme and the express or, can I just have them inserted on the extreme- and are there any conflicts that can arise with having them coded on both routers?
    When employing MAC Access Control, the MAC addresses would need to be entered in each base station. The only conflict that I am aware of is when the (in this case) two MAC lists are not identical.
